CISSP for Financial Services

The financial sector encompasses a broad range of businesses providing exceptional value and deep confidence in the world’s economy. Currently the major shift in business is toward providing cost-effective ways to improve business output and performance and to deliver resilient, innovative products and services with an enhanced user experience, meeting customer demands while retaining loyalty and trust. As organizations evolve their services to derive business value, they are navigating a landscape full of challenges.

Corporate, business and technology innovations to spur growth and cut costs are leading to higher levels of cyber risk. According to PwC’s Global Economic Crime Survey, cybercrime is one of the most reported economic crimes, with financial institutions being the prime targets. The cyber security landscape, especially for financial institutions, is evolving day by day in volume, sophistication and impact, with multiple advanced attack vectors.

Threats to financial institutions are existential, complex and difficult to manage over the long run. This, combined with the complexity (and scale) of specialized applications and diverse technology mapping, creates a business ecosystem full of complex threat vectors that attract multiple cyber adversaries.

Deloitte found that in the financial services sector, 88% of attacks are successful in less than a day, but only 21% are discovered within a day.

In the past, financial institutions have installed comprehensive threat monitoring solutions for detecting potential destructive attack vectors or frauds which would result in loss of client / investor confidence. This is no longer enough.

Financial institutions today require professionals with cyber security skill sets who have clear knowledge of multiple types of threats and who can identify indicator of compromise (IOC) patterns across multiple assets in the organization. This would help institutions better predict cyber threat campaigns in progress with advanced threat intelligence and monitoring.

Advanced Cyber Security Threats

Intel Security recently released a report in which 82% of respondents reported a shortage of cyber security skills, with more than 71% of the respondents who reported this shortage citing direct and measurable damage. According to the 2016 Financial Industry report by Secure Scorecard, malware was detected in nearly half of the largest 20 US commercial banks.

The following key findings were identified across the financial institutions:

Generic Malware was found in 15 out of 20 commercial banks

Ponyloader was found in 14 out of 20 commercial banks

Vertexnet was found in 9 out of 20 commercial banks

Keybase was found in 8 out of 20 commercial banks

Malware events were detected across all 20 commercial banks over the past 365 days

Over 422 malware events were detected in just one of the commercial banks over the past year

A total of 788 malware events were detected in all 20 commercial banks over the past 365 days

Listed below are some of the leading cyber security threat categories which are potential attack vectors for financial institutions:

Targeted attacks

Drive-by downloads

Information Leakage

Worms / Trojans

Code Injection Attacks

Exploit Kits

Botnets

Physical damage, Theft

Denial of Service

Phishing

Spam

Identity theft / fraud

Ransomware / Scareware

Data Breaches

Watering Hole

Such cyber security events lead to data breaches, and data breaches lead to identity theft, which is then used to hack into customers' accounts. These fraudulent activities generally cannot be detected, as the system views them as authentic transactions. Thus, a lack of effective cyber security skills has left industries open to attacks resulting in reputation damage and data loss.

Cyber adversaries generally gather open source intelligence to devise schemes and methodologies for carrying out well-planned attacks that achieve their goals. The following flow illustrates an attack sequence pattern generally observed in the financial industry, captured by security analysts to identify the lifecycle of an attack.

Figure 1 Illustrative flow of Cyber Security attacks

Current threat detection and response capabilities are primarily challenged by:

The speed and intensity of attack

Significant delays in discovering attacks

Longer restoration times per attack

Cyber security and threat intelligence are among the key steps towards identifying such indicators of compromise and mitigating cyber security threats across the financial sector. Fundamentally, this means identifying and analyzing comprehensive traffic to find security outliers. With cyber security experience in the domain and skills gained through cyber security certifications, including CISSP, the following threat intelligence categories help define a coherent threat intelligence model.

Vulnerabilities and Exploits

Zero-day vulnerabilities

Exploit Kits

APT campaigns

Targeted attack patterns

Threat actors involved

Threat tactics, tools and malware

Vulnerabilities Exploited

Geographical region targeted

Profiles of the affected victims

Cyber Security Incidents

Data Breaches

Identity and financial thefts

Infiltration and Exfiltration attempts

Malware activity and Traffic analysis

Latest malware proliferation

Infected platforms

Signatures and Hashes

Malware Authors

Source code

Geographical Expanse

Botnet and DDoS activity

Command and Control servers

Underground Forums and IRC Channels

Discussions on hacking, malware

Identity data disclosure, doxes

Posts on Malware and Exploit kits

Sale of Identity and Financial data

Emerging Cybercrime-as-a-service groups

Social Engineering and Phishing Campaigns

Ongoing Phishing and spam campaigns

Geographical regions

Spear-Phishing Emails

Phishing domains

Also, because of the leap-frog nature of new advanced persistent threats (APTs) and countermeasures, cyber security is an ongoing battle that should be seen as part of the cost of doing business with financial institutions.

Need for skilled cyber security resources

Financial institutions, primarily banks, are the prime targets amongst all corporations that handle sensitive data, since financial data is most sought after by hackers. As cyber risks grow across this sector, the supply of qualified cyber security professionals is stretched thin among corporations, governments and hacking organizations.

The demand growth for cyber security professionals has been so high and from so many varied sources that the number of qualified professionals available cannot satisfy it. Corporations are recruiting certified cyber professionals to prevent (or conduct) corporate espionage and hacking and to enable the companies’ cyber security measures.

Developed countries have put a lot of resources into state-sponsored cyber security and cyber warfare. They are also attracting the best of the talent, owing to the complexity of the security measures needed. Accountancy and consultancy firms have also joined in: as they set up IT advisory services, the recruitment of experienced and certified cyber security professionals into consulting or advisory roles is paramount.

Classic Example: Breach at Barclays Bank

The attack on Barclays is a reminder that, despite heavy investment in IT risk management, banks are still very vulnerable to cyber-attacks. In the breach, the attackers obtained customers’ personally identifiable information and personal health information such as their names, phone numbers, passport numbers, mortgages, savings, medical information etc.

The data breach put Barclays under investigation by the Financial Conduct Authority (FCA) and the Information Commissioner’s Office, which has the potential to impose fines on organizations for failing to protect private data.

Importance of CISSP in financial sector

The CISSP is one of the most eminent cyber security certifications, covering subject matter across multiple information security topics. The examination is based on what (ISC)² terms the Common Body of Knowledge (or CBK). According to (ISC)², “the CISSP CBK is a taxonomy – a collection of topics relevant to information security professionals around the world. The CISSP CBK establishes a common framework of information security terms and principles that allow information security professionals worldwide to discuss, debate and resolve matters pertaining to the profession with a common understanding”.

The latest curriculum of CISSP is divided into eight key domains:

Security and Risk Management

Asset Security

Security Engineering

Communications and Network Security

Identity and Access Management

Security Assessment and Testing

Security Operations

Software Development Security

As high-profile security breaches continue to dominate headlines, companies are doubling down on pay to hire the best certified and the brightest cyber security professionals.

The marketplace is demanding more certifications in the niche of cyber security, along with strong project management discipline in securing assets from every perspective. Getting certified in CISSP is a good indicator that a person understands the breadth and depth of security concepts and is the right person to implement and execute a security project in any organization.

If anyone’s looking to get ahead in the niche of cyber security, then being certified in CISSP is vital to fuel a successful IT security career. It makes technology professionals with a couple of years of experience more likely to demonstrate their skills against multiple threat vectors and reduce the impact of the threats to business.

With the emergence of new mediums in business, including mobile, social, cloud, big data and analytics, the technologies and processes deployed by businesses are so tightly coupled with customers and markets that even a minute security threat can have a magnified impact on businesses.

CISSP and Cyber Security Threats in the Financial Sector

To increase security detection and prevention capabilities across financial business units, organizations must seek to maximize the skill of their employees by leveraging a customized training program and security certification path, as per the role of the security team members from analysts to senior directors. Employers that leverage CISSP as a qualification for a cyber-security manager position can be more confident in the skills of the employee and their understanding of evolving threats and priorities.

A CISSP-certified professional will have the clarity of concepts and adequate experience to identify the threat landscape for complex environments across the financial sector. They will be more aware of the security challenges corresponding to various technologies and in a position to identify preventive measures against identified threats.

Having a Certified CISSP assists in having:

Improved IT security operations: CISSP helps in defining and optimizing the security strategy for applications and infrastructure, so users and customers experience fewer security challenges and incidents, improving the user experience.

Security Effectiveness: Security response is a competitive differentiator for any business and is strategic to the business. Agile response to security requirements allows organizations to react quickly to incidents in the financial ecosystem.

Optimized Security Operations: CISSP helps to understand and build a Security Operations Center team, which can constantly monitor the security risk indicators for the physical infrastructure and maximize the productivity of all the security solutions and their usage in the environment. It also helps to increase the efficacy of security staff across segregated areas to improve the potential for identifying risks and security improvements across key business zones.

Without the combination of a skilled, certified manager and risk management experience, efforts to secure infrastructure, applications and enterprise risk implementations across the business are unreliable and generally tend to fail.

How CISSP can be used in the financial sector

CISSP holders can create more specific cyber security strategies and maturity roadmaps for organizations handling more complex cyber security challenges. Certified cyber security professionals generally spend less time than non-certified professionals and even provide a higher degree of security resolution.

With CISSP, a cyber-security professional can:

Evolve and align the Cyber Security Program with the business continuity objectives

Manage cyber readiness and preparation processes at all levels of the organization across all security areas

Advance cyber security analytics and monitoring solutions to provide the threat analysis and business context to enable rapid response

Define a strategy around threat response, containment, and eradication – including cyber takedown, recovery, and forensics

Figure 2 Cyber Security Threat Detection Maturity Model

Today financial institutions and businesses are challenged to defend their environment due to lack of cyber security talent. As per the Intel Security key findings, one in three say a shortage of skills makes their organizations more desirable hacking targets. One in four say insufficient cyber security staff strength has damaged their organization’s reputation and led directly to the loss of proprietary data through cyber-attack. A robust security strategy requires a skilled workforce and CISSP adds value to the overall equation, especially for financial institutions.

About InfoSec

InfoSec Institute is the best source for high quality information security training. We have been training Information Security and IT Professionals since 1998 with a diverse lineup of relevant training courses. In the past 16 years, over 50,000 individuals have trusted InfoSec Institute for their professional development needs!
